Active Cyber Defence services

The NCSC check your cyber security service allows individuals and organisations to run instant checks on their cyber security. You don’t need to register to use it and the checks can be run in seconds.  

Learn more about check your cyber security

DNS Check highlights critical dangling DNS issues.

Eligible sectors: Public Sector (central government, arms length bodies, local authorities, devolved administrations, emergency services, NHS organisations, Ministry of Defence)

Early Warning helps organisations investigate cyber attacks on their network by notifying them of malicious activity that has been detected in information feeds.

Eligible Sectors: Any UK organisation with a static IP address or domain name can sign up to use Early Warning.

Learn more about early warning signs.

EIAB is a resource of realistic scenarios that helps organisations practise and refine their response to cyber security incidents in a safe and private environment.

Eligible sectors: Anyone can download and use EIAB

Read more about Exercise in a Box.

Mail Check helps organisations assess their email security compliance and adopt secure email standards which prevent criminals from spoofing your email domains.

Eligible sectors: Any UK organisation with a static IP address or domain name can sign up to Mail Check.

Learn more about Mail Check.

Web Check helps you find and fix common security vulnerabilities in the websites that you manage.

Eligible sectors: Public Sector and Academia (All UK Schools. Universities and Further Education Colleges). UK Registered Charities. UK Registered Social Housing Providers and Arms Length Management Organisations (ALMOs). 

Read more about Web Check.

HBC is a software agent available for use on OFFICIAL devices in government.

The NCSC conducts analysis to detect malicious activity on those endpoints. The service provides cyber hygiene reporting and notifies organisations about their exposure to the most critical of new vulnerabilities.

Eligible sectors: Public Sector (Central Government)

Learn more about Host Base Capability.

PDNS prevents users from accessing domains or IPs that are known to contain malicious content and stops malware already on a network from calling home.

Eligible sectors: Public Sector. UK Registered Social Housing Providers and Arms Length Management Organisations (pilot users only - for more information visit our PDNS webpage)

Learn more about PDNS.

The NCSC is working to mature the UK's approach to vulnerability disclosure and remediation by providing the following:

• GC3 Vulnerability Reporting Service - anyone can report a vulnerability with a UK government online service
• Vulnerability Disclosure for Government Scheme - we aim to improve the UK government's ability to adopt vulnerability disclosure best practices. Please contact us if you want to be involved in the pilot (government only)
• Vulnerability Disclosure Toolkit - contains the essential components you need to set up your own vulnerability disclosure process.

SERS enables the public to report suspicious emails by sending them to [email protected]. The service analyses the emails and where found to contain links to malicious sites, seeks to remove those sites from the internet to prevent the harm from spreading.

Eligible sector: Anyone can use SERS

Report a suspicious email

The NCSC Takedown Service finds malicious sites and sends notifications to the host or owner to get them removed from the internet before significant harm can be done. The NCSC centrally manages the service, so departments automatically benefit without having to sign up.

Eligible sector: Public Sector

Learn more about NCSC Takedown Service.

The NCSC shares datasets of malicious indicators with our industry partners, including Managed Service Providers (MSPs), Communication Service Providers (CSPs) and Internet Service Providers (ISPs). As a result, their UK citizen and business customers are protected as access to malicious content is blocked.

Learn more about Share and Defend capability.

MyNCSC provides a common point of entry to a number of the NCSC’s Active Cyber defence (ACD) services. 

These include: 

• DNS Check
• Early Warning
• Mail Check
• PDNS
• Web Check

For the eligibility criteria to use these services please see their respective descriptions above.

Learn more about My NCSC.